Over the air communication authentication using a service token
First Claim
Patent Images
1. A system comprising:
- at least a memory and a processor to implement a service configured to;
combine at least one property of an image to be sent to a communication device with at least one device capability to create a service token, the at least one device capability known by at least one of the device or the service;
store information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device;
store an identifier of a communication session through which the service token will be sent to the communication device as an entry in the database of the service;
send the service token to the communication device;
receive an additional service token and a device token from the communication device;
determine if the received additional service token is the same as the sent service token;
determine if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token;
determine if the device token is valid; and
authenticate communication between the service and the communication device when the received additional service token is the same as the sent service token, when the sent service token and the received additional service token were sent and received in the same communication session, and when the device token is valid.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method are described for securing over the air communications between a service and a communication device. For example, one embodiment of a method for creating a security token on a communication device for communication between the communication device and a service includes combining a device identification of the communication device with a device capability to create a device information, the device capability known by the service. The method further includes encrypting the device information.
-
Citations
24 Claims
-
1. A system comprising:
at least a memory and a processor to implement a service configured to; combine at least one property of an image to be sent to a communication device with at least one device capability to create a service token, the at least one device capability known by at least one of the device or the service; store information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device; store an identifier of a communication session through which the service token will be sent to the communication device as an entry in the database of the service; send the service token to the communication device; receive an additional service token and a device token from the communication device; determine if the received additional service token is the same as the sent service token; determine if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token; determine if the device token is valid; and authenticate communication between the service and the communication device when the received additional service token is the same as the sent service token, when the sent service token and the received additional service token were sent and received in the same communication session, and when the device token is valid. - View Dependent Claims (2, 3, 18, 19, 20, 21, 22)
-
4. A method comprising:
-
creating a service token on a service, the service token including at least one device capability of a communication device; storing information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device; storing an identifier of a communication session through which the service token will be sent to the communication device as an entry in the database of the service; sending the service token to the communication device; receiving an additional service token and a device token from the communication device; determining if the received additional service token is the same as the sent service token; determining if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token; determining if the device token is valid; and authenticating communication between the service and the communication device if the received additional service token is the same as the sent service token, if the sent service token and the received additional service token were sent and received in the same communication session, and if the device token is valid. - View Dependent Claims (5, 6, 7, 8, 9, 23, 24)
-
-
10. A system comprising:
at least a memory and a processor to implement a service configured to; create a service token that will be sent to a communication device; store information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device; store an identifier of a communication session through which the service token will be sent to the communication device; send the service token to the communication device; receive an additional service token and a device token from the communication device; determine if the received additional service token is the same as the sent service token; determine if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token; determine if the device token is valid; and authenticate communication between the service and the communication device if the received additional service token is the same as the sent service token, if the sent service token and the received additional service token were sent and received in the same communication session, and if the device token is valid. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
Specification